Apple announced Apple Business Essentials for businesses under 500 employees

[gjsman]

Summary

Today, Apple announced Apple Business Essentials, which offers all-in-one (according to Apple):

• Setup
• Onboarding
• Backup
• Security
• App Licensing
• Support
• Repairs
• Updates

 

Quotes

Quote

One complete subscription that seamlessly brings together device management, 24/7 support, and cloud storage. So your small business can easily manage every employee's iPhone, iPad, and Mac - every step of the way.

Quote

Pricing:

- Single device per user, 50 GB of storage, $3/mo/user.

- 3 devices per user and 200GB of storage, $7/mo/user.

- 3 devices per user and 2TB each, $12/mo/user.

My thoughts

This offers setup out-of-the-box (just hand out Macs without even taking off the shrink wrap in any order), employee-initiated repair handling and on-site repair options, chat and phone call support by Apple (so your IT department has less questions to answer), cloud storage through iCloud with automatic backup, automatic app installation and deployment - basically every box appears to be checked.

 

Compare that to Windows with group policy, Azure AD, seperate MDM, registry keys, Windows Defender, Domain Controllers, separate manufacturer support contracts, more complicated setup - it looks like flaming hot garbage to deploy Windows compared to Chromebooks or this. 

 

Apple has apparently decided that kicking Windows out of small businesses (and maybe the Enterprise with things like JAMF or Fleetsmith) is the new plan. 

 

 

Sources

https://www.apple.com/business/essentials/

[Commodus]

Apple honestly needs a lot more like this. Its biggest challenge isn't the price of its products, it's that Windows OEMs like Dell and HP bend over backwards to land business customers with on-site support and other extensive service contracts. It almost doesn't matter how reliable the PCs themselves are because a technician will sort them out in a few hours.

 

I wouldn't consider Apple's business issues solved (app support is arguably the biggest obstacle), but this does make a solid case if you're running a small-ish business and can consider Macs in your workflow. One monthly fee and Apple helps with just about everything.

[Brooksie359]

I mean what small business would use this that isn't already likely using apple devices? I guess I might be a bias as I am in the engineering field and Apple products often don't have the greatest support for alot of engineering software. Granted I do see iPads used in my field alot but when you need to use a computer and need to use CAD programs Apple products aren't really an option. 

[saltycaramel]

Apple acquired Fleetsmith last year, incidentally.

[leadeater]

3 hours ago, gjsman said:

Compare that to Windows with group policy, Azure AD, seperate MDM, registry keys, Windows Defender, Domain Controllers, separate manufacturer support contracts, more complicated setup - it looks like flaming hot garbage to deploy Windows compared to Chromebooks or this. 

Um no, Windows has automatic zero touch enrollment/onboarding as well. I wouldn't make such comments on something you don't know about  You can do Windows management with just Azure AD and Intune only. Registry? What? Nobody messes around with that in Windows Management land unless a garbage app forces you to, Windows Defender is either managed via GPO or Intune so no reason to list it at all, logging support case via website or phone with vendor is no harder than with Apple so no net benefit.

 

Apple you need Mac OS Server which includes; Open Directory, Profile Manager, Correctly configured Profile Manager Push settings at the network and firewall, ideally a publicly trusted certificate chain.

 

I can make Apple's equivalent implementation of management look just as complicated if I want to, ultimately neither are and it doesn't matter.

 

If you want to talk benefits of Apple ecosystem and management then list things like common management framework across Mac devices, phones and tablets and how Apple actually offers these devices themselves. You don't need a Windows management framework setup AND an Apple/Android management framework setup you just need Apple's if you only use Apple devices. This is by far the biggest win.

 

3 hours ago, gjsman said:

JAMF

JAMF has nothing to do with Apple at all, it's 3rd party, and a great deal many more exist on the Windows side including first party options from Microsoft i.e. SCCM.

[gjsman]

18 minutes ago, leadeater said:

Apple you need Mac OS Server which includes; Open Directory, Profile Manager, Correctly configured Profile Manager Push settings at the network and firewall, ideally a publicly trusted certificate chain.

 

No - you don't. This does not need MacOS Server at all to function and Apple has deprecated MacOS Server since 2018.

 

 

[leadeater]

12 hours ago, gjsman said:

No - you don't. This does not need MacOS Server at all to function and Apple has deprecated MacOS Server since 2017. 

It's not deprecated, current version is 5.11. Not everyone needs a JAMF or Fleetsmith implementation.

 

Edit:

Also I find it highly amusing you need a Office 365 or G Suit account to even use Fleetsmith, iCloud I am sure is coming but it's not an option yet.

 

P.S. It was also an intentional demonstration of how I can make something look complicated, relevance wasn't the point in the same way your dump on Windows management wasn't relevant nor correct either. It's possible to just talk about a story and it's benefits without using the opportunity to take a jab at another company or product, something can be good solely on it's own merits.

[mr moose]

9 hours ago, leadeater said:

It's possible to just talk about a story and it's benefits without using the opportunity to take a jab at another company or product,

This is an internet forum isn't it?

 

 

[Paul Thexton]

18 hours ago, leadeater said:

It's not deprecated, current version is 5.11.

Yeah. I think people get confused about macOS server because certain functionality was removed from it a number of years ago, therefore people say "Oh it's deprecated then."  Not really.

 

The Profile Manager built in to macOS Server is probably suitable for most, but it *is* limited. It does not offer all of the functionality of their own MDM specs that the likes of Jamf do - for example, want to roll out some PPPC settings to allow your security software full disk access? Or want to pre-approve said security software's System Extension to load? You're going to struggle (unless things have changed with the latest beta, I haven't had the opportunity or desire to check that yet)

 

macOS Server Profile Manager would be perfect if it would allow you to craft the MDM xml file yourself and then simply import it.

[BlueChinchillaEatingDorito]

On 11/10/2021 at 8:59 AM, gjsman said:

Summary

Today, Apple announced Apple Business Essentials, which offers all-in-one (according to Apple):

• Setup
• Onboarding
• Backup
• Security
• App Licensing
• Support
• Repairs
• Updates

 

Quotes

My thoughts

This offers setup out-of-the-box (just hand out Macs without even taking off the shrink wrap in any order), employee-initiated repair handling and on-site repair options, chat and phone call support by Apple (so your IT department has less questions to answer), cloud storage through iCloud with automatic backup, automatic app installation and deployment - basically every box appears to be checked.

 

Compare that to Windows with group policy, Azure AD, seperate MDM, registry keys, Windows Defender, Domain Controllers, separate manufacturer support contracts, more complicated setup - it looks like flaming hot garbage to deploy Windows compared to Chromebooks or this. 

 

 

 

 

Sources

https://www.apple.com/business/essentials/

My workplace recently moved to Microsoft Managed Desktop to replace our existing on-premises AD and SCCM setup and it's extremely easy to get a machine from out of the box, prepped, and shipped to the user to have them setup their machine remotely from the comfort of their home office. From a Service Centre perspective, it's as simple as ensuring the device is enrolled into the company's Azure tenant which includes intune, Windows is updated, and drivers are installed. Once that's all done, you can ship the device to the user and the Windows OOBE will automatically recognize the device is part of the company's Azure Tenant and will have the user setup everything with their corporate M365 credentials. Baseline applications will start downloading once logged in same with Group Policies. All of this can be done via regular old internet. No need to create VPN connections to the corporate network to communicate with the Domain Controller for the first login. 

[Video Beagle]

3 hours ago, huilun02 said:

along with all the necessary specialized apps that only run on Windows?

....why would I company using such sign up for this program?

 

[Guest]

This doesn’t really make a lot of sense to me; from what I’ve understood it’s a subscription model for iCloud storage and device management. They have no collaboration platform, no document / content management system (iCloud is not a CMS/DMS) and no email capability. That’s before you get to the complexities of DLP and records management.

 

 

Hopefully there’s some form of OAuth/SAML support otherwise this is just going to be a pain: the focus customer for this service is already going to exist in either Microsoft 365 or Google Workspace so if they can federate identity, it’ll make it a heap easier.